OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: ruuskil on November 09, 2021, 10:14:44 am

Title: Zenarmor threat intelligence provider
Post by: ruuskil on November 09, 2021, 10:14:44 am
Hi.

I know the answer to my question might be something that SunnyValley is not able to disclose, but I'm going to ask it anyway.

Who is the provider of threat intelligence and site classification for Zenarmor? Or is SunnyValley using a proprietary engine for this?

The reason for my question is that I currently use BrightCloud filtering on my Aruba Instant On equipment, Suricata inspection with Proofpoint rules in OPNsense, and finally Quad9 DNS inspection, which uses multiple threat intelligence providers. So I'm wondering if using Zenarmor gives me any more defence layers, especially if it uses the same threat intelligence as any of the providers that I'm currently using.

Title: Re: Zenarmor threat intelligence provider
Post by: mb on November 10, 2021, 02:12:24 am
Hi @ruuskil,

Yes, unfortunately, we cannot provide much information about this as this is part of our IP.

We're investing a considerable amount of resources in this to make sure SVN Threat Intelligence makes use of the industry's best information sources and is always up to date. [1]

Having said that, our experience tells us that it's always a good idea to deploy additional layers of defence if you can. The good thing with Zenarmor is that you don't need to sacrifice DNS-based intelligence like Unbound, etc., since Zenarmor does not care which DNS server you're using and it can work peacefully with all of them.

Hope this is helpful.

[1] https://www.sunnyvalley.io/docs/guides/cloud-reputation-and-threat-intelligence

Title: Re: Zenarmor threat intelligence provider
Post by: ruuskil on November 10, 2021, 05:51:37 pm
Thank you @mb

I'm running Zenarmor now and so far everything has been smooth. I like how this gives me better insight into what's going on in my network.